Page 1 of 9

ITT 413 Ethical Hacking: Tuesday -Thursdays 9:30PM – 10:45AM John Mitchell Center 270 Sep 3, 2019-Dec 13, 2019

Instructor: Cassie Dove Office Location: JMC 210

Email: Cassandra.dove@maine.edu Office Phone: 2078069363

Office Hours: Wednesdays 10-2 JMC 210

Course Description: This course will give students an understanding of network vulnerabilities and how to prevent them. Students will utilize hands-on experiences to setup and test baseline security settings on their networks. Once the vulnerabilities have been identified students will create a plan to address identified vulnerabilities to keep malware and hackers out of their networks. The final stage will be to retest the network to verify their changes created a secure network.

Learning Outcomes: After successful completion of this course, students will be able to: 1. Demonstrate proficiency in a variety of Operating Systems and hacking tools.2. Practice testing for network vulnerabilities.3. Practice scanning for adjacent and connected networks.4. Practice exploitation of discovered vulnerabilities.5. Evaluate information from various tools to produce a unified report.6. Describe the Ethical Hacker Methodology.7. Describe the Attacker Methodology.8. Differentiate Ethical and Unethical Hacking.9. Differentiate passive and active scanning methods.10. Differentiate vulnerability scanning and penetration testing.11. Report on the resulting data from various application sources.

Course Materials & Books: Textbook Required: Certified Ethical Hacker (CEH) Version 9 edition 2. ISBN-13: 978-0-7897-5691-6

Contacting the Instructor: Cassie Dove (Cassandra.dove@maine.edu) Cell: 207 806 9363 John Mitchell Center; Room 210 Gorham, ME 04038 Office Hours: Wednesdays 10-2pm or by appt.

Copyright 2019 Cassie Dove

DRAFT

Page 2 of 9

Course Requirements: Requested technologies: Use your google drive to save and back up your work. Or at least have a 5-10gig external drive to save or backup your files. Do not save digital documents on the computers. Lost work due to leaving files on a computer is NOT an excuse. It is important to backup your files for redundancy. If you are using software outside of class, remember that is a best practice to work with the same software if you plan to submit projects. Contact your instructor if you have any questions. Examinations: Variable methods of evaluations and assessments will be used in this class. Various types of quizzes (online or in classroom), project based assessments, group or solo projects, peer reviews and oral visual presentations of projects will be used. All will be graded on a point basis. For example, exams will have the potential for 100 points, projects will be 100 points, quizzes 40 points, group or solo projects 70 points, and peer reviews from presentations will be 20 points.

Type of examination/Project Point potential Cumulative point potential

Exams – 4 80 each 320

Quizzes 10 30 each 300

Solo projects 5 70 each 350

Attendance 1 30

Grades: A 970 – 1000 A- 930 – 969 B+ 890 – 929 B 850 – 889 B- 810 – 849 C+ 770 – 809 C 730 – 769 C – 690 – 729 D+ 650 – 689 D 610 – 649 D- 570 – 509 Below 569 Failing Computer Access: Many quizzes and assignments for this course will be delivered through the USM Blackboard https://www.courses.maine.edu/webapps/portal/frameset.jsp You will need the appropriate computer configurations as stated necessary for accessing course resources, course calendar, turning in assignments, contacting the instructor and taking assessments. USM Tech Support for Blackboard

techsupport@maine.edu or 1800 696 4357 (Monday through Friday 7am – 7pm)

Help for USM Faculty and Students Only: http://usm.maine.edu/helpdesk

Call 207 780 4029 Class Schedule and Assignments: A detailed outline for the course assignments and labs will be posted on the calendar of Blackboard website for this course. An overview of that required course material is as follows: Course Calendar: (subject to change depending on class cancelations or performance issues).

Objectives Frequency Scoring Portion of Grade

Online Reviews – based on reading assignments and lecture notes

There will be weekly in class assignments to be done in lab time. At least 10 of those assignments will go towards your Exercise portion of the grade.

(10+) up to = 100+ Instrument grading rubric

20% of 100 total possible points

Copyright 2019 Cassie Dove

DRAFT

Page 3 of 9

Four major projects associated to lab work and lectures. 1. Project 2. Project 3. Project 4. Project

There will be five major assignments that are associated with lab and lecture. These projects will utilize lab time.

5 @70 points = 350 Instrument: Grading Rubric

20% of 100 total possible points.

Four Assessment Exams (reading reviews, skills, lecture notes) a. Terms/Fill in the blank b. True/False c. Problem solving

- Practice quizzes available on assigned book readings. -Possible 100 points per quiz, an averaged together for a final score. - Final exam is comprehensive and averaged into your overall grade.

Terms and lectures: true/false, multiple choice, Essay, Fill in the blank, Matching and skills assessment.

Exams = 20% of 100 total possible points.

5. Final Project These projects change and will be assigned by instructor

Included in project points above

Week Tuesdays Thursday Events

1 9/3 9/5 Introductions & Setup Chapters 1 & Q1

2. 9/10 9/12 Technical Foundations Chapter 2 Q2

3. 9/17 Foot printing and Scanning

9/19 Chapters 3 Q3

4. 9/24 Enumeration and System Hacking

9/26 Malware Threats Chapter 4 & 5 Q4

5. 10/1 Sniffers, session hijacking, and denial of service

10/3 Chapter 6 (Exam 1)

6. 10/8 Web Server, Applications DB attacks

10/10 Q5 Chapter 7

7. 10/15 (Break) 10/17 Wireless Tech, Mobile Security and Attacks

Q6 Chapter 8

8. 10/22 IDS, Firewalls and Honeypots

10/24 Q7 Chapter 9 and Exam 2 review

9. 10/29 10/31 (Exam 2)

10. 11/5 Physical Security and Social Engineering

11/7 Q8 Chapter 10

11. 11/12 Crypto Attacks 11/14 Crypto Defenses Q9 Chapter 11

Copyright 2019 Cassie Dove

DRAFT

Page 4 of 9

12. 11/19 11/21 Q10 3rd Exam review

13. 11/26 11/28 (Turkey Break) (Exam 3)

14. 12/3 Cloud Computing 12/5 Botnets Chapter 12

15. 12/10 12/12 Review for Final (All final projects due by 12/14 Midnight)

16. 12/17 Final Exam

Requirements for Assignments: Projects and Assignments: In most cases, weekly assignments and larger projects will be turned in online with a cutoff date for late submissions. Late Work Policy: Students will have the opportunity to turn in late assignments online only. Assignments and projects turned in late will be penalized by as much as half credit. No submissions or assignments of projects will be regarded as a non-submission and a ZERO grade posted for the missed assignment. When submitting to Blackboard, double – check to ensure your project was posted. Save copies of all your work on an external drive for backup. Grading: All points will be cumulative and be totaled, ranked and graded according to the following scale:

A = 97-100 C = 73-76

A- = 93-96 C- = 69-72

B+ = 89-92 D+ = 65-68

B = 85-88 D = 61-64

B-= 81=84 D- = 57-60

C+ = 77-80 F = 56 and below

Grading Criteria:

Excellent: Submission of all online and in-class assignment, perfect attendance, participation and engagement in course’s activities, and supportive strong exam performance. Demonstrates a clear understanding of course objectives and applies fundamental design and technical skills towards problem solving.

Very Good: Submission of some online and in-class assignments, perfect attendance, some participation and engagement in course’s activities and supportive exam performance. Demonstrate some understanding of course objectives and applies some basic design and technical skills toward problem solving.

Good/Average: Submission of some online and in-class assignments, attendance within limitations, some participation and engagement in course’s activities, and supportive exam performance. Demonstrates minimal understanding of course objectives and applies minimal basic design and technical skills toward problem solving.

Below Average: Irregular submission of online and in-class assignments, attendance borders limitations, irregular participation and engagement in course’s activities, and non-supportive exam performance. Demonstrates minimal understanding of course objectives and applies minimal basic design and technical skills toward problem solving.

Copyright 2019 Cassie Dove

DRAFT

Page 5 of 9

Fail: Irregular submission of online and in-class assignments, attendance beyond limitations, irregular participation and engagement in course’s activities, and non-supportive exam performance. Demonstrates minimal understanding of course objectives and applies minimal understanding of design and technical skills toward problem solving.

Course Evaluations: At the end of each semester every student has the opportunity to provide constructive feedback on the course. It is important to me that you take the time to let me know your thoughts about the course. I use your feedback to make improvements in the course materials, assignments, and outcomes.

Copyright 2019 Cassie Dove

DRAFT

Page 6 of 9

COURSE POLICIES

CLASS CANCELLATION Cancellations due instructor illness or another reason will be posted on Blackboard, and all students will be sent an email the night before the class. ATTENDANCE POLICY: Inclement Weather From time to time USM will close the University due to inclement weather. When the cancellation is for an entire day, the class content will be made up at another time or through additional, outside of class, assignments. When the school opens late or closes early, and the time selected is during the middle of class, we will still hold the class unless you are otherwise notified by me. Two examples:

If class starts at 1pm, but the University is closing at 1:30pm, we will still have class unless you hear from me.

If class starts at 1pm, but the University is opening at 1:30pm, we will still have class unless you hear from me.

TECHNOLOGY IN THE CLASSROOM Class notes: Note taking is supported and encouraged as part of your coursework. Students may also use notepads and laptops to type notes, as long as this is done quietly under reasonable circumstances. However, no texting, audio, images, and or video recording technologies will be allowed to be used for capturing lectures, reviews, or labs within the classroom without the instructor’s specific consent or permission for special needs cases. When students are sitting at computer stations during exams, lectures or demonstrations, all social networking sites will be turned off. Student owned technologies in the classroom: Students may use their own laptop/notepad computers in the classroom, but the responsibility of these personal technologies is their own in regards to theft and damages incurred. Cell Phones: Please remember to be respectful of others and turn cell phones off during class. Please excuse yourself from class to take or make phone calls if deemed necessary. Repeated disruptions may require a request to have a phone turned off. Texting in class is NOT allowed. Texting could be seen as an issue conflicting with a Student’s Academic Integrity Policy. Repeated offenses will require request to have the phone turned off. Music storage devices – Online Access. During computer labs, once the lectures are completed. While working on assignments, students may use headphones and access their personal devices or online resources. Attendance and Late Work: After three (3) unexcused absences, each unexcused absence beyond 3 will result in a letter grade reduction. Health related absences do NOT require a written excuse from University Health Services and will be treated as an absence, beyond 3 health related absences would affect your grades. All other excused absences (sports and academic) must be supported with written documentation. It is the responsibility of the student to provide documentation if excused absence are to be granted. In this course, three unexcused absences are permitted without a reduction in grade. Students should contact classmates for missed notes.

Copyright 2019 Cassie Dove

DRAFT

Page 7 of 9

Needing to leave the classroom: If you need to leave the classroom for any reason (bathroom etc), please excuse yourself quietly and return quietly. If there is a reason to be tardy or miss part of a class for other personal/professional reasons, please consult with your instructor about the forthcoming event through email or face to face. ACADEMIC INTEGRITY / PLAGIARISM Everyone associated with the University of Southern Maine is expected to adhere to the principles of academic integrity central to the academic function of the University. Any breach of academic integrity represents a serious offense. Each student has a responsibility to know the standards of conduct and expectations of academic integrity that apply to academic tasks. Violations of academic integrity include any actions that attempt to promote or enhance the academic standing of any student by dishonest means. Cheating on an examination, stealing the words or ideas of another (i.e., plagiarism), making statements known to be false or misleading, falsifying the results of one's research, improperly using library materials or computer files, or altering or forging academic records are examples of violations of this policy which are contrary to the academic purposes for which the University exists. Acts that violate academic integrity disrupt the educational process and are not acceptable. Evidence of a violation of the academic integrity policy will normally result in disciplinary action. A copy of the complete policy may be obtained from the office of Community Standards and Mediation, online at usm.maine.edu/community-standards-mediation/academic-integrity or by calling and requesting a copy at (207) 780-5242. FINAL EXAMINATIONS/FINAL PROJECT The final project will be due by the end of the final exam. All project must be uploaded by 330pm Dec 17th, 2019. 85996 ITT 413 0001 Ethical Hacking Tue 12/17 10:45 AM 12:45 PM JMC270 It is a USM academic policy that no tests or exams may be scheduled during the last week of classes. Absence from a Final Exam: A student who misses a final examination should immediately contact the instructor to apply for a special examination if justifiable. Students who miss a final exam and are failing the course at the time will usually be given a great of F instead of being marked I for the semester grade. Missing the final exam is an automatic grade of an F for that exam, that score will also be used for any exam misses that they may have missed in the past. A focus on Sustainability as Technology Managers: As we prepare graduates for careers in leadership and management positions in information and communication technology setting integral to most organizations, it is an objective of this course that students develop and understanding of the international, social, political, economic, environmental and cultural issues in a context of their interrelationships, responsibilities, and demands on technology professionals. A significant focus of this objective is to integrate sustainability themes within this preparation. As we explore and analyze technological systems, students will investigate the human connections within relative environments, examine the diversity of international and native values and assumptions as they relate to technology and sustainability. Students will have the opportunity to develop a practical communications proposal they will present to their peers hat identifies appropriate technological applications and adopts sustainable strategies for an organization or enterprise as a service project. In sharing their ideas and propositions with course colleagues, the expectation is that a shared experience fosters sustainable behaviors in this population.

Copyright 2019 Cassie Dove

DRAFT

Page 8 of 9

UNIVERSITY POLICIES AND RESOURCES DISABILITY ACCOMMODATIONS The university is committed to providing students with documented disabilities equal access to all university programs and services. If you think you have a disability and would like to requestaccommodations, you must register with the Disability Services Center. Timely notification is essential. The Disability Services Center can be reached by calling 207-780-4706 or by email dscusm@maine.edu. If you have already received a faculty accommodation letter from the Disability Services Center, please provide me with that information as soon as possible. Please make a private appointment so that we can review your accommodations. TUTORING AND WRITING ASSISTANCE Tutoring at USM is for all students, not just those who are struggling. Tutoring provides active feedback and practice, and is available for writing, math, and many more subjects. Walk-in tutoring is available at the Glickman Library in Portland, the Gorham Library, and the LAC Writing Center. For best service, we recommend making an appointment at https://usm.maine.edu/learningcommons/schedule-tutoring-appointment. Questions about tutoring should be directed to Naamah Jarnot at 207-780-4554. Interested in becoming a more effective, efficient learner? Check out https://usm.maine.edu/agile! COUNSELING Counseling is available at USM. The best way to schedule an appointment is by phone at 780-5411. More information is available at https://usm.maine.edu/uhcs. NONDISCRIMINATION POLICY The University of Southern Maine is an EEO/AA employer, and does not discriminate on the grounds of race, color, religion, sex, sexual orientation, transgender status, gender expression, national origin, citizenship status, age, disability, genetic information or veteran’s status in employment, education, and all other programs and activities. The following person has been designated to handle inquiries regarding non-discrimination policies: Sarah E. Harebo, Director of Equal Opportunity, 101 North Stevens Hall, University of Maine, Orono, ME 04469-5754, 207.581.1226, TTY 711 (Maine Relay System). STATEMENT ON RELIGIOUS OBSERVANCE FOR USM STUDENTS Absence for Religious Holy Days: The University of Southern Maine respects the religious beliefs of all members of the community, affirms their rights to observe significant religious holy days, and will make reasonable accommodations, upon request, for such observances. If a student’s religious observance is in conflict with the academic experience, they should inform their instructor(s) of the class or other school functions that will be affected. It is the student’s responsibility to make the necessary arrangements mutually agreed upon with the instructor(s). TITLE IX STATEMENT

Copyright 2019 Cassie Dove

DRAFT

Page 9 of 9

The University of Southern Maine is committed to making our campuses safer places for students. Because of this commitment, and our federal obligations, faculty and other employees are considered mandated reporters when it comes to experiences of interpersonal violence (sexual assault, sexual harassment, dating or domestic violence, and stalking). Disclosures of interpersonal violence must be passed along to the University’s Deputy Title IX Coordinator who can help provide support and academic remedies for students who have been impacted. More information can be found online at http://usm.maine.edu/campus-safety-project or by contacting Sarah E. Holmes at sarah.e.holmes1@maine.edu or 207-780-5767.

If students want to speak with someone confidentially, the following resources are available on and off campus: University Counseling Services (207-780-4050); 24 Hour Sexual Assault Hotline (1-800-871-7741); 24 Hour Domestic Violence Hotline (1-866-834-4357).

Copyright 2019 Cassie Dove

DRAFT